I have just completed an ISPConfig 3 + CentOS 6.3 64-bit deployment. I have a site set up and am trying to secure it using SSL. The site has been moved from another server so it already has an SSL certificate issued by GoDaddy. I entered all the information in to the SSL panel of ISPConfig, and when I save it, it does rewrite the config file, but it leaves the entire SSL virtualhost out. Am I doing something wrong? Attached image is showing the fully filled out SSL tab on the domain config in ISPConfig. Here's the generated config file (actual domain replaced with example.com) As you can see, it is missing the entire <VirtualHost 1.2.3.4:443> block: Code: <Directory /var/www/example.com> AllowOverride None Order Deny,Allow Deny from all </Directory> <VirtualHost 1.2.3.4:80> DocumentRoot /var/www/example.com/web ServerName example.com ServerAlias www.example.com ServerAdmin [email protected] XSendFile On XSendFilePath /var/www/clients/client1/web1/web ErrorLog /var/log/ispconfig/httpd/example.com/error.log Alias /error/ "/var/www/example.com/web/error/" ErrorDocument 400 /error/400.html ErrorDocument 401 /error/401.html ErrorDocument 403 /error/403.html ErrorDocument 404 /error/404.html ErrorDocument 405 /error/405.html ErrorDocument 500 /error/500.html ErrorDocument 502 /error/502.html ErrorDocument 503 /error/503.html <IfModule mod_ssl.c> </IfModule> <Directory /var/www/example.com/web> Options FollowSymLinks AllowOverride All Order allow,deny Allow from all # ssi enabled AddType text/html .shtml AddOutputFilter INCLUDES .shtml Options +Includes </Directory> <Directory /var/www/clients/client1/web1/web> Options FollowSymLinks AllowOverride All Order allow,deny Allow from all # ssi enabled AddType text/html .shtml AddOutputFilter INCLUDES .shtml Options +Includes </Directory> # cgi enabled <Directory /var/www/clients/client1/web1/cgi-bin> Order allow,deny Allow from all </Directory> ScriptAlias /cgi-bin/ /var/www/clients/client1/web1/cgi-bin/ AddHandler cgi-script .cgi AddHandler cgi-script .pl # suexec enabled <IfModule mod_suexec.c> SuexecUserGroup web1 client1 </IfModule> # Clear PHP settings of this website <FilesMatch "\.ph(p3?|tml)$"> SetHandler None </FilesMatch> # php as fast-cgi enabled # For config options see: http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html <IfModule mod_fcgid.c> IdleTimeout 300 ProcessLifeTime 3600 # MaxProcessCount 1000 DefaultMinClassProcessCount 0 DefaultMaxClassProcessCount 100 IPCConnectTimeout 3 IPCCommTimeout 360 BusyTimeout 300 </IfModule> <Directory /var/www/example.com/web> AddHandler fcgid-script .php .php3 .php4 .php5 FCGIWrapper /var/www/php-fcgi-scripts/web1/.php-fcgi-starter .php Options +ExecCGI AllowOverride All Order allow,deny Allow from all </Directory> <Directory /var/www/clients/client1/web1/web> AddHandler fcgid-script .php .php3 .php4 .php5 FCGIWrapper /var/www/php-fcgi-scripts/web1/.php-fcgi-starter .php Options +ExecCGI AllowOverride All Order allow,deny Allow from all </Directory> # add support for apache mpm_itk <IfModule mpm_itk_module> AssignUserId web1 client1 </IfModule> <IfModule mod_dav_fs.c> # Do not execute PHP files in webdav directory <Directory /var/www/clients/client1/web1/webdav> <FilesMatch "\.ph(p3?|tml)$"> SetHandler None </FilesMatch> </Directory> DavLockDB /var/www/clients/client1/web1/tmp/DavLock # DO NOT REMOVE THE COMMENTS! # IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE! # WEBDAV BEGIN # WEBDAV END </IfModule> </VirtualHost>
Yes. I even tried unticking the SSL box in the domain tab, waiting for the web config file to rewrite, then ticking it back on to see if it would rewrite the SSL config, but that didn't work either- it still rewrites without the SSL virtualhost.
This indicates that apache failed to start after ispconfig tried to enable ssl in this vhost so ispconfig had to do a config rollback and put back the vhost without ssl. The reason is most likely a wrong ssl key as you use an existing ssl cert. If a existing cert is used, you have to replace the ssl key file of the website with the key that was used to generate the cert. Detailed instructions can be found in the manual chapter 5.4.1.
